Bugtraq mailing list archives
Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x
From: "Gleb O. Raiko" <raiko () niisi msk ru>
Date: Thu, 14 Nov 2013 19:44:15 +0400
Kevin, Considering ChainsDD Superuser you mentioned.Unfortunately, your mail describes just potential attack vectors. While I can't say for sure, Superuser isn't vulnerable at all, I'd like to note that su invokes the am script in the process with the credentials of the caller, not root. Thus, by manipulating the environment variables, file descriptors, signals, etc, the user can get yet another process with the same credentials, perhaps, with a shell or with an instance of Davlik VM inside.
Regards, Gleb.
Current thread:
- Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 13)
- Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Gleb O. Raiko (Nov 14)
- Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Kevin Cernekee (Nov 14)
- Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x Gleb O. Raiko (Nov 14)